Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/C_Rlg20UI_J9a__I_iNsJRO_Tgs.roa
File: C_Rlg20UI_J9a__I_iNsJRO_Tgs.roa (raw, json)
Hash identifier: gQQceuCCiCdIoN681qC3Wn/dwvjxavM39jRDQHmhR7Q=
Subject key identifier: 0B:F4:65:83:6D:14:23:F2:7D:6B:FF:C8:FE:23:6C:25:13:BF:4E:0B
Certificate issuer: /CN=546834e68890f3986a1b0457ce0f54ae03c2d76b
Certificate serial: 3A73D0AB
Authority key identifier: 54:68:34:E6:88:90:F3:98:6A:1B:04:57:CE:0F:54:AE:03:C2:D7:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VGg05oiQ85hqGwRXzg9UrgPC12s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/C_Rlg20UI_J9a__I_iNsJRO_Tgs.roa
Signing time: Sat 01 Jan 2022 04:51:55 +0000
ROA not before: Sat 01 Jan 2022 04:51:55 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43372
IP address blocks: 88.220.112.0/24 maxlen: 24
195.136.168.0/22 maxlen: 22
88.220.130.0/23 maxlen: 23
88.220.134.0/23 maxlen: 23
88.220.161.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 980668587 (0x3a73d0ab)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=546834e68890f3986a1b0457ce0f54ae03c2d76b
Validity
Not Before: Jan 1 04:51:55 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0bf465836d1423f27d6bffc8fe236c2513bf4e0b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:49:1a:1e:a2:d2:54:05:f1:5d:1d:5c:ad:cc:
5a:97:7d:f2:c8:b5:3d:ab:da:3a:a0:3c:ff:ab:16:
61:56:df:49:b2:f6:40:cb:0b:a0:87:47:51:60:7d:
e2:07:fd:52:01:0b:ef:55:c5:21:d0:bd:aa:09:8f:
26:d8:a8:1c:ad:97:4d:ef:50:b2:f6:96:c6:65:65:
45:cc:ad:d4:d1:cf:ab:e1:84:ed:cb:b1:28:12:ee:
18:52:25:ea:8c:87:e9:87:f8:01:4a:e3:e4:8c:73:
03:e9:58:e2:5b:ea:19:a3:3d:6b:87:9a:a9:eb:9b:
73:5e:52:3a:f3:26:99:f4:df:01:19:14:38:e8:28:
09:1d:21:90:45:1c:df:4a:48:21:a7:93:b8:02:6f:
22:2e:24:9f:6f:54:03:84:87:e2:2e:01:58:f2:0d:
32:18:f5:3e:5a:03:fa:06:1c:dc:5f:fb:43:2e:64:
61:b7:69:fe:77:c3:c3:1a:f4:79:14:aa:5e:52:c6:
e6:6d:ae:f3:6c:bc:ab:7c:a8:b6:f1:a8:d5:86:c6:
c1:ff:0f:de:b3:9f:30:f4:07:88:0c:be:07:15:f7:
44:a3:12:d0:0f:47:79:18:53:06:c6:66:57:57:f6:
e4:35:3c:84:42:9d:e1:7c:31:49:ca:7f:c4:3d:f3:
ba:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:F4:65:83:6D:14:23:F2:7D:6B:FF:C8:FE:23:6C:25:13:BF:4E:0B
X509v3 Authority Key Identifier:
keyid:54:68:34:E6:88:90:F3:98:6A:1B:04:57:CE:0F:54:AE:03:C2:D7:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VGg05oiQ85hqGwRXzg9UrgPC12s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/C_Rlg20UI_J9a__I_iNsJRO_Tgs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/VGg05oiQ85hqGwRXzg9UrgPC12s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.220.112.0/24
88.220.130.0/23
88.220.134.0/23
88.220.161.0/24
195.136.168.0/22
Signature Algorithm: sha256WithRSAEncryption
b0:94:d3:d8:cc:70:0c:fa:b8:98:e7:7a:0a:e1:5d:23:d1:c2:
80:c9:19:b2:26:2d:81:91:c9:02:7d:b5:98:ea:e0:ac:7c:8f:
e6:da:18:be:96:51:57:71:6d:6c:da:c1:f8:d1:46:6d:d5:dd:
c2:1f:5e:f0:ad:39:8d:53:5a:b7:8a:01:39:21:f9:74:f7:d3:
1b:88:79:2a:33:b4:d3:72:db:17:ae:36:58:32:f9:ac:20:5e:
64:3e:35:39:85:cd:94:57:62:04:bd:91:f7:ee:e8:b1:4e:d5:
4e:ac:79:1e:ab:77:a1:b7:5a:68:09:1c:74:93:d1:ac:bf:0b:
47:89:58:52:10:f1:f6:8c:19:84:66:f3:cb:bf:da:c5:4e:06:
8d:5a:79:95:aa:7d:2a:eb:6b:8d:d5:2d:c8:b4:de:34:47:b5:
f5:57:a8:91:83:cd:5e:bb:e7:6d:fe:67:37:b3:ef:42:7d:e9:
3e:8a:94:fc:16:52:3c:8b:76:fe:14:05:93:db:32:8b:61:b4:
5d:00:ae:1a:b8:14:09:a9:7f:d7:01:15:ba:f1:dc:eb:50:87:
30:65:0b:e9:68:1e:1d:88:54:f6:d3:4a:0e:fc:df:9d:b7:f8:
d8:c1:0a:0a:69:34:f8:b0:0c:ce:7b:fd:98:1f:ce:b3:49:88:
b4:0d:c3:e7
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgIEOnPQqzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
NDY4MzRlNjg4OTBmMzk4NmExYjA0NTdjZTBmNTRhZTAzYzJkNzZiMB4XDTIyMDEw
MTA0NTE1NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGJmNDY1ODM2ZDE0
MjNmMjdkNmJmZmM4ZmUyMzZjMjUxM2JmNGUwYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALpJGh6i0lQF8V0dXK3MWpd98si1PavaOqA8/6sWYVbfSbL2
QMsLoIdHUWB94gf9UgEL71XFIdC9qgmPJtioHK2XTe9QsvaWxmVlRcyt1NHPq+GE
7cuxKBLuGFIl6oyH6Yf4AUrj5IxzA+lY4lvqGaM9a4eaqeubc15SOvMmmfTfARkU
OOgoCR0hkEUc30pIIaeTuAJvIi4kn29UA4SH4i4BWPINMhj1PloD+gYc3F/7Qy5k
Ybdp/nfDwxr0eRSqXlLG5m2u82y8q3yotvGo1YbGwf8P3rOfMPQHiAy+BxX3RKMS
0A9HeRhTBsZmV1f25DU8hEKd4XwxScp/xD3zuhUCAwEAAaOCAiEwggIdMB0GA1Ud
DgQWBBQL9GWDbRQj8n1r/8j+I2wlE79OCzAfBgNVHSMEGDAWgBRUaDTmiJDzmGob
BFfOD1SuA8LXazAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1ZHZzA1b2lRODVocUd3Ulh6ZzlVcmdQQzEycy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjkvNWYyZjBiLWZkODItNDRmYS1iNjM0LTUyNzY2YjI0YmFhNC8x
L0NfUmxnMjBVSV9KOWFfX0lfaU5zSlJPX1Rncy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjkv
NWYyZjBiLWZkODItNDRmYS1iNjM0LTUyNzY2YjI0YmFhNC8xL1ZHZzA1b2lRODVo
cUd3Ulh6ZzlVcmdQQzEycy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA3
BggrBgEFBQcBBwEB/wQoMCYwJAQCAAEwHgMEAFjccAMEAVjcggMEAVjchgMEAFjc
oQMEAsOIqDANBgkqhkiG9w0BAQsFAAOCAQEAsJTT2MxwDPq4mOd6CuFdI9HCgMkZ
siYtgZHJAn21mOrgrHyP5toYvpZRV3FtbNrB+NFGbdXdwh9e8K05jVNat4oBOSH5
dPfTG4h5KjO003LbF642WDL5rCBeZD41OYXNlFdiBL2R9+7osU7VTqx5Hqt3obda
aAkcdJPRrL8LR4lYUhDx9owZhGbzy7/axU4GjVp5lap9KutrjdUtyLTeNEe19Veo
kYPNXrvnbf5nN7PvQn3pPoqU/BZSPIt2/hQFk9syi2G0XQCuGrgUCal/1wEVuvHc
61CHMGUL6WgeHYhU9tNKDvzfnbf42MEKCmk0+LAMznv9mB/Os0mItA3D5w==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:06:25 2025 by rpki-client